Fixes for Heimdal (macOS) builds from Stefan.

[mech_eap.git] / mech_eap / util_mech.c

diff --git a/mech_eap/util_mech.c b/mech_eap/util_mech.c
index 3e65c1e..944a2fa 100644 (file)
--- a/mech_eap/util_mech.c
+++ b/mech_eap/util_mech.c
@@ -37,21 +37,25 @@
 #include "gssapiP_eap.h"
 
 /*
- * Many OIDs are taken from 1.3.6.1.4.1.5322(padl)
+ * Mechanism and name types are taken from 1.3.6.1.5.5(mechanisms)
+ * assigned at http://www.iana.org/assignments/smi-numbers
+ *
+ *      abfab(15)
+ *       mechanisms(1)
+ *        gss-eap-v1(1)
+ *         eap-aes128-cts-hmac-sha1-96(17)
+ *         eap-aes256-cts-hmac-sha1-96(18)
+ *       nametypes(2)
+ *        GSS_EAP_NT_EAP_NAME(1)
+ *
+ * Implementation-internal OIDs are taken from 1.3.6.1.4.1.5322(padl)
  *      gssEap(22)
- *       mechanisms(1) (no longer used)
- *        eap-aes128-cts-hmac-sha1-96(17)
- *        eap-aes256-cts-hmac-sha1-96(18)
- *       nameTypes(2) (no longer used)
  *       apiExtensions(3)
  *        inquireSecContextByOid(1)
  *        inquireCredByOid(2)
  *        setSecContextOption(3)
  *        setCredOption(4)
  *        mechInvoke(5)
- *        Mechanisms and name types are now taken from
- *      http://www.iana.org/assignments/smi-numbers . See Prefix:
- *      iso.org.dod.internet.security.mechanisms.abfab (1.3.6.1.5.5.15)
  */
 
 /*
@@ -192,7 +196,11 @@ gssEapIndicateMechs(OM_uint32 *minor,
 
     GSSEAP_KRB_INIT(&krbContext);
 
+#ifdef HAVE_HEIMDAL_VERSION
+    *minor = krb5_get_default_in_tkt_etypes(krbContext, KRB5_PDU_NONE, &etypes);
+#else
     *minor = krb5_get_permitted_enctypes(krbContext, &etypes);
+#endif
     if (*minor != 0) {
         return GSS_S_FAILURE;
     }